As smartphones grow more popular, you'll be under more pressure to manage them. How far should you go?

InfoWorld|Nov 18, 2009

There's a reason the BlackBerry is the corporate standard smartphone and why no other device comes close. And it's not the keyboard (though that helps). It's BlackBerry Enterprise Server (BES), the tool that lets IT manage BlackBerry users' access and security settings to the standards that most regulated companies and government agencies must meet. But as employees continue to put pressure on IT to support the iPhone and other devices, such as the new breed of Android devices, lots of companies are coming out of the woodwork offering mobile management products.

I'm not so sure. These tools do one or more of the following things, and most companies don't need the whole ball of wax: security/access management, inventory management, support management, and expense management.

Secure mobile access

Before you invest in any tools, you should know that very few smartphones support enterprise-class security. The BlackBerrys do when used with BES. Windows Mobile 6.x and Palm OS devices do when used with Microsoft Exchange ActiveSync. And ... well, that's mostly it. The iPhone 3G S supports a subset of ActiveSync Exchange policies. The WebOS-based Palm Pre and Symbian-based Nokia 9x devices are said to support a few such policies, though neither company has been able to tell me which ones. Google's Android OS does not support these policies.

So, your core management problem -- ensuring secure, authorized access -- is pretty much taken care of for you if you use BES or Exchange. Except that the iPhone doesn't have the auditing and remote provisioning features that regulated organizations require, not even if you use the free iPhone Configuration utility from Apple.

That gap may cause you to look for a mobile management tool, such as Good Technology's Good for Enterprise or MobileIron's same-named server. But be careful. Good adds Defense Dept.-grade encryption capabilities to iPhone OS, Palm's webOS, Google Android, and Windows Mobile 6.0 and earlier (later versions have encryption, as does the iPhone 3G S) -- but you have to install a client app on the devices. However, once you do, you get BES-like security and management capabilities. Sybase's Afaria 6.5 product also brings on-device encryption and BES-like security and access management capabilities to the iPhone. MobileIron's iPhone client doesn't add encryption, but it does verify the iPhone is accurately reporting the Exchange ActiveSync policies it says it does, which iPhone OS 3.0 and earlier did not do accurately.

Asset management and auditing

Other mobile management tools won't help you with security and access control issues. That's because they're really about the other three types of management: inventory management, support management, and expense management. The case for investing in those capabilities is harder to justify.

Very large organizations will likely find utility in tools such as Zenprise, BoxTone, and Visage Mobile because the number of devices and service contracts they manage is huge and usually distributed across many locations. But they presume you're not able to manage your devices as part of your regular inventory management tool set, that you can't manage your support tickets with your regular support system, and that you need access to the devices themselves when providing mobile support. Do you really? If so, then consider them.

Some tools, such as Zenprise, Afaria, and Good for Enterprise, give you the auditing tools you may need to satisfy compliance requirements. But ask yourself if you're not overdoing your compliance work. Unless there's a specific mandate in your industry for such tracking, a good security management tool may be all you need.

Carrier watch

I suspect that most companies can manage company-provisioned smartphones as they do their other assets and can use a consulting service such as Telwares to do the contract and expense management. The carriers' systems are a mess, and they tend to make billing and account errors that work in their favor, which is why there are many firms like Telwares who make a living keeping them honest. I'm not sure that developing that expertise internally is worthwhile, at least for most organizations.

And if you don't actually provision devices to your employees -- and instead subsidize their usage -- your inventory and expense management issues pretty much go away. It might still be tempting to get a tool for device support, but very few support the new generation of devices such as the iPhone, Android, or webOS smartphones. Again, do you really need that direct access to help your users?

There's a place for all these tools. Just make sure there's a place in your organization before launching into a management drive.

Don't forget to be part of the InfoWorld Mobile Patrol: Send in your tips, complaints, news, and ideas to comments@infoworldmobile.com. Thanks!

InfoWorld executive editor Galen Gruman analyzes the latest issues in mobile technology and the consumerization of IT. His latest book is "iPad at Work for Dummies"; Gruman has written or co-written more than 40 how-to books, on iOS, iPad, Windows 8, OS X, and desktop publishing.